I've just finished updating the HackMyCF.com ColdFusion security scanner to detect the BlaseDS Vulnerability APSB10-05 announced in February 2010. As you hopefully know, this vulnerability also effects ColdFusion 7-9, because it has BlaseDS installed by default.

PHP security guru Chris Shiflett has a great post about the dangers of Cross Domain Flash. If you have implemented a crossdomain.xml file you will want to read his post.

If you have a crossdomain.

I've often wondered why Flash RIA's (rich internet applications) haven't really seen the anywhere near the level of excitement that AJAX is currently seeing. They both solve the same problem.

Looking for example applications built with Macromedia products? I found this list of Macromedia sample applications

in the del.icio.us side bar on cfmx.org.

There are Flex, Flash, ColdFusion, and Dreamweaver example apps there.

Tim O'Reilly has a blog post on Zorn - Macromedia's Flash tool that will run on Eclipse. Tim is on the Board of Directors for Macromedia...

Greg Yardley has created a firefox plugin called Objection in response to my, and other blog posts about the privacy concerns of Local Shared Objects, or Flash Cookies.

The plugin adds a clear button for Local Shared Objects to the privacy options in Firefox.

About a month ago I linked to Geert Bevin's post about his frustrations with Laszlo (an xml to swf generator). Geert, has posted an update since moving to the latest version of Laszlo.

There is lots of buzz going on over marketers using Flash's Local Shared Objects to store client side information, instead of traditional http cookies. This is a response to a report from Jupiter research stating that 38% of web users delete cookies on a regular basis.

Now that Laszlo is open source and Flex has a free Non-Commercial License it is safe to assume that we will be seeing increased interest in server side swf generation.

Last week I wrote a Server Memory monitoring tool using Flash Remoting. I'm not much of a flash developer, but it only took a few hours. Here's a screen shot of the tool:

Keep in mind this tool only shows the memory for the JVM instance that ColdFusion MX is running in.